Microsoft's Telemetry Additions To Windows 7 and 8 Raise Privacy Concerns

WheezyJoe writes: ghacks and Ars Technica are providing more detail about Windows 10's telemetry and "privacy invasion" features being backported to Windows 7 and 8. The articles list and explain some of the involved updates by number (e.g., KB3068708, KB3022345, KB3075249, and KB3080149). The Ars article says the Windows firewall can block the traffic just fine, and the service sending the telemetry can be disabled. "Additionally, most or all of the traffic appears to be contingent on participating in the CEIP in the first place. If the CEIP is disabled, it appears that little or no traffic gets sent. This may not always have been the case, however; the notes that accompany the 3080149 update say that the amount of network activity when not part of CEIP has been reduced." The ghacks article explains other ways block the unwanted traffic and uninstall the updates.

Telemetry Hack

[smittyoneeach]

Telemetry hack
Like shearing your back
The right suds keep it
From chopping your stack
Burma Shave

Re:Telemetry Hack

[smittyoneeach]

"Sack on BACK!
Installing Slack
Bummer #1 with a mullet
Love to cower, Jack,"
AC/DC did not sing.

Re: Telemetry Hack

[BarbaraHudson]

Beware of geeks
Bearing gifts
When Microsoft says
It's free to upgrade
It's the original
Trojan horse
Taking your data
Is par for the course
Like Ebola it's the gift
That keeps on giving
Because Microsoft execs
Gotta make a living

Burma Shave

Re: Telemetry Hack

[smittyoneeach]

Making a living
Would seem better than
Making a dying
In Somecountrystan

Re: Telemetry Hack

[macs4all]

...Like Ebola it's the gift
That keeps on giving
Because Microsoft execs
Gotta make a living
Burma Shave

Now THAT's funny! (and sad at the same time)...

Define Your Acronyms

What the hell is CEIP? Editors, define your acronyms the first time they're used, especially if they're not common.

Can Editors Inspect Paragraphs?

Re:Define Your Acronyms

[Stolpskott]

Customer Experience Improvement Program... for those of us used to wading through the pile of sewage that is Windows in a corporate environment, it is well known and enjoyed about as much as annual performance appraisals.

Re:Define Your Acronyms

[srmalloy]

What the hell is CEIP? Editors, define your acronyms the first time they're used, especially if they're not common.

Customer Experience Improvement Program.

Re:Define Your Acronyms

[xxxJonBoyxxx]

>> Editors, define your acronyms the first time they're used, especially if they're not common.

I'm assuming SlashDot's using unpaid high school interns as editors these days, since anyone who's made it through a college-level writing course would know better. Your local town paper wouldn't hire you to write dog-catching interviews if you submitted this crap as an "article."

Re:Define Your Acronyms

[WillAffleckUW]

Cthulhu Eats Indigent Programmers

Re:Define Your Acronyms

[denis-The-menace]

And it's a failure b/c they ignore what people really wanted: the Start Menu.

Instead we got the Start List: 100+ icons to scroll through.

Only Santa's list is longer.

Re:Define Your Acronyms

Customer Experience Improvement Program...

And don't forget, if you're going to complain about the services and what they might be doing - You are not the customer who's experience they are improving.

Re:Define Your Acronyms

[yuhong]

Has been there since at least Office 2003 I think.

Re:Define Your Acronyms

[arglebargle_xiv]

Customer Experience Improvement Program...

It's a Microsoft customer service, in the sense of "the farmer got in a bull to service his cows".

Re:Define Your Acronyms

[thegarbz]

The content of the Windows 10 start menu is identical to the content of Windows 7's with the addition of live tiles mixed among the area you pin applications.
People got exactly what they asked for and complain anyway because the colour scheme is slightly different.

Windows 7's start menu was equally shitty to work through if you had to actually click "All applications"

Re:Define Your Acronyms

[dkman]

If I hit Start - All then hit N it does not take me to N (read "the first program/folder that starts with N"). The Windows 7 start menu does.
The way to do that now is to click on any letter/heading, which takes you to an alphabet, then click the letter you want to jump to. To my knowledge there is no keyboard way to do that other than paging down.

You can drag, delete, pin tiles. So my tiles are pretty trim. It does take me longer than finding a program that had been pinned to the top of the Windows 7 start menu, but that will resolve with time. I feel that they take more space, but when I'm in the start menu I'm not using the desktop so I really don't care that it's being chewed up.

The dark color scheme is a way to save battery on mobile devices. It also uses less power in plugged in PCs, so we're burning less coal to generate power. I'm fine with that. If anyone thinks it doesn't make a difference, any tiny change made over a billion PCs adds up pretty damn fast.

Re:Define Your Acronyms

[thegarbz]

Okay fair call. I did not know that because .... well what the heck is the use case for something like that? If you know the program name then hitting the first letter will come up with the name of the program. The number of times I've scrolled through the menu actually looking for something has been very limited and usually because I can't remember what the program itself was called. .... Or are you still actually organising the startmenu using folder trees; concept they tried to kill 10 years ago?

As for power, I hate to break it to you, but black is just the new grey. This has nothing at all to do with power for one simple reason: Other than OLED displays which are in the incredible minority it actually takes MORE energy for an LCD to display black than it does white. An LCD pixel in it's default OFF state lets light through and you apply a charge to the crystals to twist them and repolarise the light at 90 deg relative to the front polariser, effectively blocking it. There are exceptions to some designs but in the wide and general sense displays use between 2-10% more power to display a black screen. (The lower end is on the not so energy efficient displays like those used on desktop PCs, the higher range is for mobiles).

That said the world can't move to OLED sooner enough in my opinion and displaying black over white on that display technology saves some +90% on electricity. But really, right now, black is just the latest sleek marketing wank, kind of like new hotel rooms don't seem to install downlights and instead edge-light everything which drives me mad because it's damn dark in here right now.

Firewall/Router blocking settings?

[IMarvinTPA]

Does anybody have instructions for common hardware firewalls and routers on what needs to be blocked at the network level?

My google-fu keeps failing me and everybody tries to explain how to do it using the built-in firewall which is probably as secure as guarding the hen house with foxes.

Thanks,
IMarv

Re:Firewall/Router blocking settings?

There is a list in the sourcecode of this:
https://github.com/10se1ucgo/DisableWinTracking

Re:Firewall/Router blocking settings?

[geminidomino]

I put this in my tomato "Scripts" section. Basically grabbed all of the dig output for settings-win.data.microsoft.com and vortex-win.data.microsoft.com, cnames, and authorities for them.

Possibly excessive. I'm ok with that. YMMV.

iptables -I FORWARD -d 8.26.215.27 -j DROP
iptables -I FORWARD -d 64.4.54.254 -j DROP
iptables -I FORWARD -d 8.26.204.25 -j DROP
iptables -I FORWARD -d 198.78.199.155 -j DROP
iptables -I FORWARD -d 204.160.105.155 -j DROP
iptables -I FORWARD -d 4.23.46.155 -j DROP
iptables -I FORWARD -d 65.55.44.108 -j DROP

Re:Firewall/Router blocking settings?

http://init.sh/?p=236

There is a list of domains to block in that article.

Re:Firewall/Router blocking settings?

[Zanadou]

This isn't perfect, but I was using the batch file from here to uninstall/disable most of the telemetry bullshit from Windows 7.

(It says it's for Windows 10, but it seems works for Windows 7, too. Also note that the hiding/disabling of the KB updates in Windows update didn't work perfectly for me; I had to go back in a hide/disable some of them manually, afterward.)

Re:Firewall/Router blocking settings?

[arglebargle_xiv]

Does anybody have instructions for common hardware firewalls and routers on what needs to be blocked at the network level?

Note that this is only going to help if you're sitting behind your own firewall, as soon as you take your laptop out of the house all the data is going back to Microsoft again. So a more reliable option is to block it at the source by changing the Windows config.

(Which, if it's anything like getting rid of the Win10 downgrade nag, is going to be a major chore. I've scraped viruses out of PCs that were easier to remove than the Win10 nag).

Re:Firewall/Router blocking settings?

[rtb61]

Makes much more sense to un-install those privacy downgrades. Worth the effort as there is a distinct improvement in boot times as well as general performance. Those M$ anal probes do come with more than one cost, not just your privacy taken but also a system performance cost, obviously they run better in windows 10 built in than added in windows 7 and 8, which is why windows 10 outperforms fully privacy downgraded windows 7 and 8. I wonder how well windows 7 clean install no M$ recommended privacy downgrades compares against windows 10.

Re:Firewall/Router blocking settings?

[arglebargle_xiv]

Makes much more sense to un-install those privacy downgrades.

An easier option is probably just to disable them, it looks like the sole purpose of the Diagnostics Tracking Service is to send data back to Microsoft so if you prevent it from running you should be fine.

Disclaimer: I haven't run Snort on this yet so I don't know if there isn't something else phoning home with my data, but DTS seems the obvious candidate to kill.

Re:Firewall/Router blocking settings?

iptables -I FORWARD -d 8.26.215.27 -j DROP
iptables -I FORWARD -d 64.4.54.254 -j DROP
iptables -I FORWARD -d 8.26.204.25 -j DROP
iptables -I FORWARD -d 198.78.199.155 -j DROP
iptables -I FORWARD -d 204.160.105.155 -j DROP
iptables -I FORWARD -d 4.23.46.155 -j DROP
iptables -I FORWARD -d 65.55.44.108 -j DROP

iptables accepts DNS names. The above is only useful for all of the 5 seconds these addresses remain valid given the crazy DNS overlays most large shops are deploying these days.

Re:Firewall/Router blocking settings?

[rtb61]

Thanks, I did both. In fact it seems to be a never ending tangle, finding more and mores purposeful holes in windows built in on purpose and needing to be uninstalled, disabled, detasked and blocked at the (non-M$) firewall.

Re:Firewall/Router blocking settings?

Do you use your Tomato router as a DNS resolver/server for your LAN? If so, there is a much better and more reliable way to do this.

I wrote up a lengthy explanation of what's wrong with your existing solution and what the better solution is, but Slashdot kept insisting "Lameness filter encountered" -- whatever. So I put my response up on pastebin.

Hope that helps you and/or others.

Re:Firewall/Router blocking settings?

[ihtoit]

There's a method which works (I've done it, and wrote the method as I went): it completely obliterates the Win10 nag and all associated processes and files, registry entries and pretty much guarantees that it won't return.

Step 1: take ownership of the GWX folder
Go to /Windows/System32/GWX. Right-click, Properties. Then, go to the Security tab, click Advanced. Under the Owner, click on Edit. Select your account rather than whatever crap Microsoft has preselected. Make sure you tick the box that says subfolders and whatnot. Apply the change. Ignore the warnings and prompts.

Step 2: change folder permissions
On the right tab, click Edit. Then, select your user. Change the permissions to Full Control, and apply. Then, rename the GWX folder to something like GWX.old. And just in case, inside this folder, you may also want to consider renaming the four executable files. Just use any which extension to cripple their executability. Problem solved. I simply deleted the GWX folder but if you’re not confident, rename it. It does the same thing.

Step 3: delete scheduled tasks
Fire up “Regedit” and navigate to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\Taskcache\Tasks. What you’ll be faced with is a long list of CLSID entries. These appear to be random (but they’re not and the reason is long and complicated) and the data you want is in the right hand side pane. Go to the Edit menu and click “Find”, type “gwx” (without the quotes) and hit “Find Next”. The application will highlight the first entry, where you’ll see “GWX” under the key-value pair “Path”. On the left pane, locate the hive (folder) that this entry resides in (easy, it should already be highlighted) and export it (right click it) and then right-click delete it. There will by now be eleven entries. You’ll know you’ve got them all when you jump to a new section under .\\TaskCache\Tree\Microsoft\Windows\Setup. There you will be dropped into a hive with two entries: GWX and GWXTriggers. Export both of these and delete them. Launch Task Scheduler and make sure it runs with no errors.

Step 4: disable automatic Windows Update
Now you’ve killed GWX, you need to make sure Microsoft isn’t about to work around it and force a new kernel on you without your informed consent. Start the Windows Update tool from the control panel and check, it should now be disabled. If it isn’t, go into the settings and adjust to disable automatic updates. You can now either leave WU off and manually install updates after checking them for safety or leave WU altogether and risk missing an actual important update which may or may not contain a plug for yet another Microsoft security hole.

You’re welcome

PS: the reason to export the registry entries is simple: if you find your system refusing to reboot after this operation, simply restart in safe mode and remerge them into the registry. You may have inadvertantly removed the wrong key, if you’ve backed it up it should just drop straight back in, no harm no foul. Start over. :)

So far I've not seen the GWX process since doing this. I've got my computer back!

Re:Firewall/Router blocking settings?

[arglebargle_xiv]

Here's mine, rather more brief than yours since it was written purely as a memo for future reference:

Create key HKLM\SOFTWARE\Policies\Microsoft\Windows\GWX, then add DisableGwx
as REG_DWORD, value = 1.

Win+R -> taskschd.msc, open Task Scheduler Library | Microsoft | Windows |
Setup, which has two subkeys gwx and GWXTriggers. Delete all entries in
gwx, the other can't be deleted because of permissions, for this use Win+R
-> tasks, which opens C:\Windows\System32\Tasks. Go to
Microsoft\Windows\Setup, which is where taskschd gets its config for GWX
from, and take ownership of GWXTriggers and all its subfolders. Then
refresh taskschd and delete the GWXTriggers entries.

Finally, kill the GWX task from Task Manager.

Re:Firewall/Router blocking settings?

[geminidomino]

Do you use your Tomato router as a DNS resolver/server for your LAN?

I don't, but it's on the TODO list actually. I'll keep this in mind.

Thanks!

Re:Firewall/Router blocking settings?

[allo]

Forget it.

You cannot stop an operation system from spying on you, if you cannot trust it. If you need to firewall it, the trust is not enough. And MS can do stuff like sending the data while fetching the next windows update. Secured with TLS against YOU. Either you play with MS or you need to give up on them. You will not sufficiently stop them, as long as windows runs at the level of the operation system kernel.

Re:Firewall/Router blocking settings?

I just uninstalled and hid the offending updates in Windows Update. It's faster and cleaner than your method.

Re:Firewall/Router blocking settings?

[ihtoit]

good luck with that. I tried it that way, it fucking came back.

*cough*

Ubuntu...

Re:*cough*

[Bing+Tsher+E]

A 5/16" drill through the CPU works, too, but is just as off topic..

Re:*cough*

[macs4all]

Ubuntu...

I'll see your Ubuntu, and raise you an OS X.

Re:*cough*

[Bing+Tsher+E]

NetBSD. It even runs on my SE/30. A worthy upgrade from anything Apple on nearly any Apple hardware.

Re:*cough*

[macs4all]

NetBSD. It even runs on my SE/30. A worthy upgrade from anything Apple on nearly any Apple hardware.

Really? Have you ever tried A/UX?

I was just talking with a friend yesterday about "what ever happened to..." in regard to A/UX. If you can scare up an install set (and I think he said there is someone who has posted same up to the internet), it would run on your SE/30, and give you a nice MacOS GUI plus a UNIX POSIX environment.

Alas, I don't know much more about it, and I'm really just throwing it out there, because a lot of people don't even realize that Apple's involvement with UNIX actually goes WAY back, at least to around 1991. The reason it didn't take off was that Apple didn't market it very aggressively, and it was pricey.

But as far as preferring NetBSD over OS X, isn't that pretty much just saying you don't like OS X's GUI; because, unlike ANY Linux distro, OS X is a descendant of BSD UNIX, which, among other things, begat NetBSD?

But you simply won't admit that anything that comes out of Cupertino is worthy; so I don't know why I am wasting my e-breath.

Sigh, guess no Win boxes in the lab then

[WillAffleckUW]

There are consequences to every action

Re:Sigh, guess no Win boxes in the lab then

The funny part is that there was a man who saw all this coming back in the early 90s who nobody listened to. His name is Richard Stallman.

Stallman warned everyone that proprietary software turns on the user in the end. People are complaining that Windows now sucks, and they have all these expensive (closed source too) tools they depend on for their livelihood that can't run on any platform besides Windows. Well, I guess they're getting what's coming to them. Stallman tried to warn them, but they didn't listen because they wanted stuff to "just work". Well, Stallman's inconvenient truth can no longer be ignored.

So have fun Windows users. I hope that your short term gains were worth not solving the problem in an open, portable, way.

Re:Sigh, guess no Win boxes in the lab then

Even fucking funnier is that modern Windows won't even run some of those apps.

The shitstorm we're going to see in the next decade due to closed source, proprietary software should be called the Stallmancane (or Stallnado?)

Re:Sigh, guess no Win boxes in the lab then

[chipschap]

they didn't listen because they wanted stuff to "just work".

The further irony is that they didn't even get that much ... what they got was "stuff just works, except when it doesn't."

Now ... before anyone says, "yeah but stuff doesn't 'just work' on Linux either" ---- I know that. But I also know how much I paid for Linux. And if I'm good enough at it, I'm free to "fix stuff" and "make stuff work" I've done so many times. (Sure there are limits, the kernel is not so easy to fix ... but still ... you at least have full source access.)

Re: Sigh, guess no Win boxes in the lab then

[BarbaraHudson]

Microsoft is just helping you put into practice the (your) data wants to be free thing.

Re: Sigh, guess no Win boxes in the lab then

[lgw]

Ubuntu too, of course, part of their program of copying everything MS does.

Re:Sigh, guess no Win boxes in the lab then

[sexconker]

What did he eat from his toe, though?

Re:Sigh, guess no Win boxes in the lab then

Changing the subject, are we? I can do that, too.

When are you going stop your Cow trolling ways? Why aren't you posting at -1 yet?

Re:Sigh, guess no Win boxes in the lab then

..Stallman tried to warn them, but they didn't listen because they wanted stuff to "just work".

Aye...
and the stuff 'just worked' until the next incarnation of Windows, where it 'maybe worked', or, more likely, 'plain fucking stopped working' (hello rather expensive CAD/CAM package I need to use at work, I'm looking at you...)

I hate saying this, the problem wasn't with the message, but the messenger.

Mr Stallman does tend to somewhat freak out the 'normals' just a wee bit..unfortunately most people do judge others by their appearance, 'hey, why should we place any credence in the ravings of a hippie when the nice guys in the suits say.....'

Pavlovian conditioning...got to love it.

[Here's an asides..we've been running our section of the business on a bunch of Linux servers (scrounged hardware - zero cost) quite happily for six years, last year management cottoned on to the fact, insisted that we conform and install win2kwhatever...deployment of these winwunderboxen is now 8-10 months behind schedule, now management is bleating about the cost. meanwhile our Linux servers just carry on...it's fun, even suits are conditioned to believe that the BS that other suits tell them is the Truth ]

Re:Sigh, guess no Win boxes in the lab then

Except that its just as easy for an open source software to include tracking, see Ubuntu and its Amazon money making scheme or Firefox with its targeted add tiles ( and social media integration, etc. ) . Then we have Chrome/Chromium with a plug-in API intentionally crippled so tracking happens before the plug-ins get to access to the page code.

Free and Open source software as endorsed by Stallman does not help you in any way unless you patch and compile every package you use from scratch ( infeasible for 99% of humanity and a security nightmare) or whomever does it for you can be trusted not to have ulterior motives - see the above projects for a counter example.

Re:Sigh, guess no Win boxes in the lab then

The real irony is that only paranoid loons like Stallman actually care about the CEIP. The rest of us who are sane and intelligent don't give a shit because it's not a problem. I have no problem with Microsoft collecting data about how I use my computer because they still have no clue who I am or the full details of what I'm doing.

Re:Sigh, guess no Win boxes in the lab then

[Forgefather]

The error messages that you send to Microsoft contain a full memory image at the time of the crash, which includes all encryption keys that have not been explicitly zeroed out, and a full image of every other program you have running.

Re:Sigh, guess no Win boxes in the lab then

But what's the alternative? Linux? Linux(Distros) is not a desktop because it's still treated as a development platform. Software repositories, package managements? These are the tools that Microsoft uses in house for developing their OS's and Applications. Sorry, but I like it when software(old and new) includes everything needed to be installed offline without any dependency issues and also on old and new Operating Systems. The linux argument for not having all libraries and dependencies included in software is because it will eat up your hard drive, really? 500GB to 4TB? I have no problem with Windows.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Stallman warned everyone that proprietary software turns on the user in the end.

I know of some that won't.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Now ... before anyone says, "yeah but stuff doesn't 'just work' on Linux either" ---- I know that. But I also know how much I paid for Linux. And if I'm good enough at it, I'm free to "fix stuff" and "make stuff work" I've done so many times. (Sure there are limits, the kernel is not so easy to fix ... but still ... you at least have full source access.)

Another fallacious "free" concept: "Linux is only free if your time is."

Personally, I want to work with my computer, not on my computer. I have enough of the former writing Windows Applications during the day for work. So when I come home, the very last thing I want to do is fiddle-fart around with Linux just to achieve a modicum of usability, or suffer the slings and arrows of even more Windows crap, and now New and Improved built-in Spyware! So, check my username and get a clue as to what I enjoy as an alternative to either...

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

The real irony is that only paranoid loons like Stallman actually care about the CEIP. The rest of us who are sane and intelligent don't give a shit because it's not a problem. I have no problem with Microsoft collecting data about how I use my computer because they still have no clue who I am or the full details of what I'm doing.

That's cute. Look, everybody! Someone who is actually naive enough to believe that's all Microsoft is doing!

Here's a clue from the clue-box: Do you really think they would go to all the trouble that they have, just to see if they can "Improve the Experience"?

TANSTAAFL and Qui Bono apply here.

Re: Sigh, guess no Win boxes in the lab then

[macs4all]

Microsoft is just helping you put into practice the (your) data wants to be free thing.

So, if that's true, why don't we all just cause crash after crash, filling up their servers and bandwidth until they are forced to rethink their mass data collection strategy?

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

But what's the alternative?

That's easy...

Sorry, but they remain the only platform which does not (and never will) depend on software revenues (and/or the data extracted thereby). In fact, they discovered that the opposite philosophy can be a powerful selling-point.

And before you start whining about "cost", the question becomes "How much value do you place on your Privacy? The very existence of this Article (and the many other related ones on /. and other sites) says to me that, for geeks at least, Privacy is a very important consideration.

Think about it.

Re:Sigh, guess no Win boxes in the lab then

Another fallacious "free" concept: "Linux is only free if your time is."

Windows License+Seat is only hundreds of dollars per machine if my time is worth nothing. In reality, the cost is far higher. See, it works both ways dumbfuck.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Another fallacious "free" concept: "Linux is only free if your time is."

Windows License+Seat is only hundreds of dollars per machine if my time is worth nothing. In reality, the cost is far higher. See, it works both ways dumbfuck.

I'm sorry; but that truly made no sense.

Re:Sigh, guess no Win boxes in the lab then

The error messages that you send to Microsoft contain a full memory image at the time of the crash,

That is untrue and absurd (therefore fits right in on this website). Most people have several gigs of RAM. Considering that most people have limited upload bandwidth, they MOST CERTAINLY are not uploading several gigabytes of data to report user mode crashes. At best they're sending minidump files, sized around 64kb.

Re:Sigh, guess no Win boxes in the lab then

What evidence have you personally seen? It's trivial to stick a network sniffer and see what they're sending. But you seem like a non-technical nutjob incapable of even this basic task. Thats probably why you're using a Mac.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

What evidence have you personally seen? It's trivial to stick a network sniffer and see what they're sending. But you seem like a non-technical nutjob incapable of even this basic task. Thats probably why you're using a Mac.

I'm an embedded designer with nearly 40 years' paid experience. So I am quite a technical nutjob, thankyouverymuch!

I use a Mac so I don't have to use a traffic sniffer on my own computer.

Next ignorant assumption?

Re:Sigh, guess no Win boxes in the lab then

As a former Mac user I can say that your comments are actually insulting. Apple pioneered some of the stuff Microsoft is doing here. Just because they make money on hardware doesn't mean that they are your friend.

Re:Sigh, guess no Win boxes in the lab then

[chipschap]

Another fallacious "free" concept: "Linux is only free if your time is."

But it's my free choice; I decide how much time I want to put in. And as to this:

the very last thing I want to do is fiddle-fart around with Linux just to achieve a modicum of usability

... in recent years I've had to do no fiddling to achieve a very high level of usability. It's only when I want something special or highly customized that I need to "fiddle." Of course sometimes I want to fiddle but it is seldom a necessity.

So, check my username and get a clue as to what I enjoy as an alternative to either...

Certainly a valid choice. Macs are great for people who can't handle much else.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Macs are great for people who can't handle much else.

I'm really getting tired of this /. meme. Perhaps I just need to publish my resume as part of my User Profile...

Not to sound big-headed; but the short story is that I am an Embedded designer with almost 40 years of paid hardware and software development experience on a wide variety of microcontroller platforms, from 6502 to ARM9 Cortex (and many others in between), mostly in Assembly and C. Although I have done quite a wide range of applications, my forte and first love lies in real-time process control. So, to say that I have done more than my fair share of fiddle farting around would be an extreme understatement. Oh, and BTW, some of that Development, including software development, CAD for schematic capture and PCB development, some LabView stuff (BTW, LabView was for years a Mac-Only system), and other stuff was done on Macs.

But, because the Embedded market has in recent years devolved into little else besides chasing contract work (which doesn't work well when you have a house and family to drag all over the country), I currently am employed doing Windows Application Development for a small local company. This also means that I do a fair bit of Windows Server admin stuff on pretty much a daily basis. Oh, and BTW, I am also a Certified SQL Server admin.

So with all due respect, you don't know anything about my credentials. Now you do.

Care to retract your fallacious and misinformed generalization regarding Mac Users?

Oh, and does this also mean that the plethora of people who show up at hacker conferences sporting Mac laptops also "can't handle much else"? Or are you going to claim that they don't count, just because they dual-boot a Linux Distro on their MacBooks?

Re:Sigh, guess no Win boxes in the lab then

[chipschap]

There is a logical fallacy right at the front of your extended reply.

If p, then q does not imply if q, then p.

My statement that "Macs are good for people who can't handle much else" stands. That statement did not assert "all people who use Macs can't handle much else."

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

There is a logical fallacy right at the front of your extended reply.

If p, then q does not imply if q, then p.

My statement that "Macs are good for people who can't handle much else" stands. That statement did not assert "all people who use Macs can't handle much else."

True enough; but the meme still gets tiresome, because, in my many years immersed in both Mac and Windows environments, (including a stint admin-ing a mixed network of about 50 machines, of both Windows and Macs), I find Mac users are pretty much no different from Windows users, a far as average technical prowess goes. Linux users are another matter; but that just goes with the territory.

Re:Sigh, guess no Win boxes in the lab then

LOL, keep shilling for corporations, shilly. Linux ain't that hard. If anything ever were to break in Linux (and it doesn't in my experience) at least you get the option to fix it.

Re:Sigh, guess no Win boxes in the lab then

You are strangely deluded - it'd be cute if it wasn't so sad.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

You are strangely deluded - it'd be cute if it wasn't so sad.

And you are a Coward. It'd be cute if it wasn't so annoyingly common on here.

BTW, exactly what is delusional about recognizing that there is only one Platform that has actually taken a stance on User Privacy in writing, and has actually honored those Words?

Microsoft? Nope. Isn't that the whole reason behind this Article?

Google? Hahahahaha!

Linux? Well, considering that there really isn't a "Linux, Inc.", the answer to the question lies in the code of a hundred-plus distros. Care to code-review them all? I'll wait.

So, AFAICT, that pretty much leaves Apple. And when you can show me the firewall logs from an OS X system, where the User has opted-out of their PUBLISHED "Data Collection" programs, such as "Spotlight Suggestions" and "Share details about my iTunes Library with Apple" using the readily available GUI switches for same (rather than having to resort to Hosts file editing, external Firewall devices and Traffic Sniffers to attempt to plug the NON-PUBLISHED holes like with Windows), THEN I will agree that Apple == Microsoft.

But not before.

It is not "delusional" to call for evidence; remember that.

BTW, here's a recent Wired article that sort of underscores what I have been saying in this post and previous ones in this sub-thread about Apple putting their money where their mouth is. As I said, they have recognized that protecting and not-collecting User data is a marketing tool unto itself. Fortunately, as a hardware-based "monetization" model, they can keep enforcing, and enhancing, that policy without cutting into their revenues. In fact, in the long run, and especially with stuff like WinSpy10, that may look more and more attractive to users.

Re:Sigh, guess no Win boxes in the lab then

Really? So there is 32GB of memory dumped and uploaded for my 32GB boxes? I thought they were in the hundreds of MB's...

Re:Sigh, guess no Win boxes in the lab then

The funny part is that there was a man who saw all this coming back in the early 90s who nobody listened to. His name is Richard Stallman.

If a person says something is going to happen for long enough, eventually it probably will. This wasn't foresight on Richard "Toejam" Stallman's part, it was him being a stubborn ignoramus and repeating his myopic opinion like a broken record until either it came true or he died.

Nostradamus famously said that the world would end and you know what? He's right. Eventually the world will end and I bet there will be people like you going "See? See? Nostradamus was right all along!"

Re:Sigh, guess no Win boxes in the lab then

macs4all might be a worthless Crapple fanboi, but he doesn't need evidence because the burden of proof is on Microsoft to prove that what they claim they are collecting is true. Since the source is closed and the packets are encrypted, nobody but Microsoft could provide that proof.

But let's get real here. Microsoft isn't collecting harmless little bits of data to make your experience better. They'd have nothing to gain from that.

Re:Sigh, guess no Win boxes in the lab then

You should have gone to school.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

You should have gone to school.

I did; but clearly your forte is not communication skills.

Re:Sigh, guess no Win boxes in the lab then

[Trogre]

Are you serious?

Re:Sigh, guess no Win boxes in the lab then

Stallman warned everyone that proprietary software turns on the user in the end.

I know of some that won't.

idiot.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Are you serious?

No, he is the co-founder of Mondo 2000 magazine.

Re:Sigh, guess no Win boxes in the lab then

[macs4all]

Stallman warned everyone that proprietary software turns on the user in the end.

I know of some that won't.

idiot.

I know you are, but what am I?

Re:Sigh, guess no Win boxes in the lab then

You're a funny guy, and I'm sure you think you're just like the average dumb ass Mac user, don't you.

Well, you're not, but it's pretty clear that you're "special".

I'm done with Microsoft

no more updates -- no more purchases

MAPS

[fustakrakich]

Microsoft Active Protection Service.

Turn it off if you are using their antivirus errr, stuff

Why are we picking on Microsoft?

Microsoft is certainly not the first to data mine some information from computer users. Nor is it the first to force updates onto devices. Or use a special account sign in to access a device. Microsoft is basically following what Apple and Google have already done and got little attention from it. Tell me that a Facebook account is less of a threat to your privacy then a Microsoft account signed into Windows 8 or 10. Really, this is ridiculous that we now pick Microsoft to spin them as the bad company here. Folks, we lost privacy on the internet these days the minute you accessed it and used services like Twitter, Facebook, Google anything, Apple anything, and so much more. The internet of things is you. Get over it!

Re:Why are we picking on Microsoft?

So lets just fuck it and let microsoft do it too? Why don't you think a bit before defending assholes.

Re: Why are we picking on Microsoft?

I don't use social media, why should I be expected to share now? Because microsuck wants to harvest my code and claim it as their own? Improvement of windows is why they reserve the right to raid any attached storage and receive a copy of the first 35Mb of video recorded? You can take your social media reach-around and go F yourself with it.

Re:Why are we picking on Microsoft?

Well I can choose to use DuckDuckGo instead of Google, and I can choose to not use facebook, but the majority of software and games I have are on Windows, so really no choice there.

Re:Why are we picking on Microsoft?

The ironic thing is that I have refused IT work because I didn't have an active FB account, usually being called a "fossil" because I don't describe how many coils I pinched off that morning to all and sundry. Same with Twitter.

Re:Why are we picking on Microsoft?

[macs4all]

Microsoft is basically following what Apple and Google have already done and got little attention from it.

What little data-gathering that Apple has done not only pales in comparison with the massive data-suck that is going on in MS OSes now.

And Apple is very up-front about what they do (and more importantly, don't) collect, what they do with it, and most importantly, How to Turn It OFF. Completely. .

BIG difference!

Re:Why are we picking on Microsoft?

[allo]

you're saying this, as if you were forced to use this software.

If the government would make it illegal to use these softwares, you would not say "But that's the majority of software i have", but "hey, i use some of the alternatives". Or at least pretend to.
So why act as if your existing software is an unstoppable force, which requires you to use windows?

Never install updates without reading the KB

and some quick googling too. And don't install any new updates, especially kernel updates, within the first week.

I don't have any of the tracking crap (that we know of) installed as i manually check each and every update offered. It's always been a good idea to wait a little bit after patch tuesday to make sure they haven't borked any updates but these days you simply cannot trust microsoft given that they have turned 10 into what amounts to a spyware infected OS.

Re:Never install updates without reading the KB

[fustakrakich]

You know, I could probably crack the best encryption available before I could finish reading through their KBs... It's much faster to install everything and then sniff your network (picture the internet as being a bunch of dogs all smelling each others' butts) for about 20-30 minutes and block anything that looks suspicious. The built in firewall isn't too shabby.

Re:Never install updates without reading the KB

[Mister+Transistor]

That's great until you run into an non-uninstallable update. They exist. Check out the "anti-piracy" updates they foisted on us the same way, just TRY to uninstall one of them!

Better to find out what the damn updates do first, and NEVER allow them to install in the first place if possible.

Re:Never install updates without reading the KB

[mister_playboy]

Microsoft has already solved your workaround by making all new KBs entirely nondescript. Enjoy your black box updates.

Re:Never install updates without reading the KB

..The built in firewall isn't too shabby.

And you've audited the source code for said not too shabby firewall?

No?

So, you've no real idea if the logging data it provides is telling you the truth then about its functionality, no idea if they've implemented a magic key to bypass it (and it's logging) then?

How the fuck do I completely disable this?

Eat my shit Microsoft. No one wants their data sent to you in any way, shape, or form.

Stop being sneaky snake motherfuckers and trying to slide one by your consumers.

I bet in your board meetings you use your predatory thinking and tactics to prey on the consumer and steal their data. Especially the most vulnerable users who don't know any better.

Maybe some big legal team will file a class action suit against you for these board room meetings?

Re:How the fuck do I completely disable this?

Eat my shit Microsoft. No one wants their data sent to you in any way, shape, or form.

Stop being sneaky snake motherfuckers and trying to slide one by your consumers.

I bet in your board meetings you use your predatory thinking and tactics to prey on the consumer and steal their data. Especially the most vulnerable users who don't know any better.

Maybe some big legal team will file a class action suit against you for these board room meetings?

If they have nothing to hide, we should be able to have total access to these meetings, and everything else Microsoft does. Oh, I guess privacy rights are still a thing if you are not one of the little people.

Re:How the fuck do I completely disable this?

I bet in your board meetings you use your predatory thinking and tactics to prey on the consumer and steal their data.

You cant "steal" data just like you cant "steal" music or movies or software.

Compare the experience to...

[Announcer]

I think a more apt comparison would be to compare this to the entire process of getting a colonoscopy, from the preparation the day before, to the actual "exam".....

Re: Compare the experience to...

CEIP can largely be ignored. A good colonoscopy will at least tickle your prostate.

Both are much better options that the asininity of performance reviews.

Re: Compare the experience to...

[reboot246]

I wouldn't know. I was out cold during my last colonoscopy. Most people are nowadays.

But I'm wide awake when it comes to being screwed by Microsoft. And it's not pleasant.

Re: Compare the experience to...

A good colonoscopy will at least tickle your prostate.

...said the guy whose never had a colonoscopy, ever.

Re:Compare the experience to...

[EndlessNameless]

It's not that bad. It's hardly a problem at all.

There are GPO settings to configure it, so it takes a domain admin maybe 5-10 minutes to log in and disable it globally. No scripting or registry hacks required.

BAM!!!!

There goes the other foot.

Instead of blocking the updates with a firewall

Why don't they just uninstall the update? Seems like they're making it harder than they should.

The guy who turned on "DoNotTrack" in IE?

[xxxJonBoyxxx]

So...did Microsoft take the guy who turned on "Do Not Track" in IE out back and shoot him?

Re:The guy who turned on "DoNotTrack" in IE?

"Do Not Track" was just Microsoft hating competition.

Kickstarter Needed

[Tokolosh]

I am willing to contribute money for the development of (hopefully) simple software or scripts rid my system of this malware, once installed.

Also, some ongoing review system which only allows MS updates that are deemed benign.

Sheesh, it's getting tedious to wade through all the KB verbiage with my evil lawyer hat on.

Re:Kickstarter Needed

[Tokolosh]

https://github.com/WindowsLies...

Someone is on the case!

Re:Kickstarter Needed

[ilsaloving]

I found this. Dunno if it's 100% comprehensive, but it's a start.

http://www.hakspek.com/securit...

Re:Kickstarter Needed

[green+is+the+enemy]

I've also been eyeing this project, but haven't tried it on any of my machines yet. In the reddit /r/sysadmin thread people seem quite critical of this script. There is credible opinion that these updates will be required for windows to continue updating in the future, so it's dangerous to remove them; and that privacy cannot be achieved anymore while running Microsoft operating systems.

Re:Kickstarter Needed

Don't sweat the script. Just use the hosts file. Surely don't install Windows 10, you're a tool if you do. Everybody should seriously stay on 7/8/8.1 and read KB's before you update. You shouldn't be using Windows for anything requiring security anyway. That doesn't mean hey Microsoft sell us your botnet OS.

The concerns this "green is the enemy guy" brings up... are very easily remedied. Set your updates to not install automatically. Everybody knows when Patch Tuesday is. Any time after the patches become available, rename your hosts file to hosts_disable while you check for updates. Then one-by-one look through to identify what the next bullshit sneak is. If you don't absolutely need an update, skip it and hide it. IWhen you decide what you want to install, go for it and cross your fingers. Reboot and rename your hosts_disable back to hosts. Never forget what a dick move Windows 10 is. Bill made it to the richest man on Earth with this pos. First he sold OS's then he sold the customers.

I have said it many times. Now is the time to ditch Windows ASAP. Linux is so much better. Microsoft obviously thought distributing GLOBAL SPYWARE would somehow be cool because everybody is just sheep anyway. nah.. gtfo

https://gitlab.com/windowslies/blockwindows

As of right now, the file you want is the one merely named hosts.
https://github.com/WindowsLies/BlockWindows

On the github page click hosts, then click Raw
Press Alt then look at the top left corner of your browser
Select File, then click Save Page As...
Save it wherever you want just leave it named hosts
Navigate to the file location Windows System32 Drivers etc
In \etc you will see a default hosts file if you never changed it. Either add the contents of the hosts file you downloaded from the above url, or over write it. You can rename the default if you want to, to keep it. Something like hosts_default or whatever.

I was going to add the hosts file here but got filtered.

distrowatch.com and enjoy your life.

Re:Kickstarter Needed

http://www.ghacks.net/2015/08/28/microsoft-intensifies-data-collection-on-windows-7-and-8-systems/

It would not let me add this URL, but it will let me in another post. nice one.

Came across another one while waiting for the super smart timer.

http://www.express.co.uk/life-style/science-technology/601936/Windows-10-Data-Collection-Usage-Privacy-Windows-7-Windows-8-1

Microsoft rolled out its final major operating system, Windows 10, to some 190 countries last month.

Yep, Windows is death knell. It is now 100% Global Spyware

Re:Kickstarter Needed

[AmiMoJo]

I wish that guy documented his work a bit more and didn't come off as paranoid. Why does he block hotmail.com, for example? I need login.love.com to use OneDrive for my encrypted backups. Blocking random Akamai servers doesn't sound like a good idea either.

What we need is a minimal set of blocking rules, with each one well documented with evidence that it actually needs to be blocked. None of this hacky "block a bunch of random web sites because they are associated with Microsoft" crap.

There is too much speculation and bullshit flying around at the moment. People convinced that there is a keylogger, convinced that the firewall doesn't block MS spy servers. People convinced you can't disable Cortana (it works for me), and that a hash of every image you open is sent to MS (Wireshark doesn't show anything).

Someone smarter than me needs to do an in-depth analysis.

Re:Kickstarter Needed

www.nliteos.com
re-build win to a custom install disk. remove garbage you don't want. add stuff you do want.

or 7lite for 7. got my install down to 8 gig.

Re:Kickstarter Needed

[macs4all]

apple.com and enjoy your life.

FTFY.

Re:Kickstarter Needed

http://toolbar.netcraft.com/site_report?url=apple.com
http://toolbar.netcraft.com/site_report?url=www.apple.com

apple.com runs on Linux. FTFY

Hosting History
Netblock owner IP address OS Web server Last seen
Refresh
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.142.160.59 Linux unknown 2-Sep-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.178.96.59 Linux unknown 29-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.172.224.47 Linux unknown 27-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.172.224.47 Citrix Netscaler unknown 26-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.172.224.47 Linux unknown 23-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.142.160.59 Linux unknown 22-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.178.96.59 Linux unknown 20-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.172.224.47 Citrix Netscaler unknown 17-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.178.96.59 Linux unknown 16-Aug-2015
Apple Inc. 20400 Stevens Creek Blvd., City Center Bldg 3 Cupertino CA US 95014 17.142.160.59 Linux unknown 14-Aug-2015

comment: http://apple.slashdot.org/comments.pl?sid=6752281&cid=48844181

Because OS X is no longer supported on my Mac (Score:5, Informative)
by the_humeister (922869) on Sunday January 18, 2015 @10:03AM (#48844181)

Power Mac G4: Debian 8 runs like a champ. The latest Mac OS won't even install.

Just keep buying stupid shit while Linux users laugh at you.
distrowatch.com

(Apple CEO Tim Cook would never stick it in your ass like Microsoft, of course. Gay pride #1 !!)

Trifecta of obscurity

[Okian+Warrior]

"Raises privacy concerns" is elliptical speech: it's made to be deliberately obscure. (It uses "causes concern" to convey the central point without giving any information about what the point is.)

It's also passive voice, in that there's no person performing the action, the action is simply "caused" by something. (For comparison, consider "we wrote reports" versus "reports were written".) Hence, there's no person or group responsible, it's simply an aspect of situation.

And finally, the phrase uses framing to soften the effect. Your personal information isn't being harvested, the system simply "raises some concerns".

Taken as a whole the headline tries to get the reader emotionally involved by stating something we should be concerned about, without saying in concrete terms *that* there is anything to be concerned about, and that it's *other people* who are concerned.

Meh. This didn't work on me, I'm not actually concerned, I'm going to ignore it.

(Propaganda success!)

Re:Trifecta of obscurity

[The-Ixian]

I am with you, my friend.

If they really want to know where my desktop is.... I guess it is no secret anyway... I mean I am using a public IP after all...

Re:Trifecta of obscurity

[rotovator]

Can't mod you up, because I login to slashdot once every two years on average. Your post made me login just to be able to thank you for your clear explanation. I'm totally with you. And these ruses are also used in other news, which probably have fooled either you or me into beliveing any lie in some moment.

Re:Trifecta of obscurity

Remember when everyone was all bothered by the CPUID that would identify everything you did on the internet? Now that there is a CloudID that will do the same thing, where is the outrage? First you hate it, then you accept it, then you embrace it.

If you think the AshleyMadison hack is causing problems, wait until a hacker leaks logs of your "activity" that are filled with fake entries that frame you for things you don't know anything about. No way to prove your innocence, because the press will only report on the leaked data as though it is all accurate. If you happen to loose your job and family, that is acceptable collateral damage for having an open society.

Re:Trifecta of obscurity

Remember when everyone was all bothered by the CPUID that would identify everything you did on the internet? Now that there is a CloudID that will do the same thing, where is the outrage?

Nowhere because they realized that all that fear was unfounded.

If you think the AshleyMadison hack is causing problems, wait until a hacker leaks logs of your "activity" that are filled with fake entries that frame you for things you don't know anything about.

You don't need to be a "hacker" to make up fake things and give them to the press.

No way to prove your innocence, because the press will only report on the leaked data as though it is all accurate.

Right so all this worry about legitimate data being collected is irrelevant anyway, you can just make up stuff and give it to the press and they won't care it if isn't accurate.

Re:Trifecta of obscurity

[Bite+The+Pillow]

Idiot. The trifecta understates the problem, the propaganda being that you should not be concerned. The article propaganda is that you should be concerned.

The Dashslot summary is always something almost exactly unlike the article. The article headline linked is "Microsoft intensifies data collection on Windows 7 and 8 systems" - that's the opposite of the softening and obscuring language you pointed out.

Making decisions based on Dotslash summaries is what idiots do, it is idiotic.

Disabling services

When the service is disabled, no traffic should be sent back to Microsoft whatsoever. "Little/ almost no traffic" is not good enough.

Re:Disabling services

In addition, at least one of those updates (or another not on the list given in the summary) turned on the CEIP crap on my Windows 7 box. Or I assume it was Microsoft -- I don't think a virus or malware (other than Microsoft's) would turn it on, and I know I sure as hell turned it off when I installed Win7 to start with.

Microsoft deliberately fucked with the software I paid them for, using it for their purposes and ignoring mine. I'm done with Microsoft forever, and I heartily wish it were within my power to take every single Microsoft employee and, Raiders of the Lost Ark style, bend them backwards over a dark altar and cut their chests open, rip their still-beating hearts out and then ram it right back up their ass. Relax, that is not within my power. I can only post partially-insane rants on the net about it all.

Oh, and I can wait patiently for Apple's announcements on Sept. 9, to see what options I'll have for my new computer. Not that Apple is even close to perfect, but they haven't fucked me over lately.

Eternal hatred, Microsoft. Eternal hatred burning like a thousand suns.

Re:Disabling services

The telemetry stuff is under options in the windows updates which does not get installed automatically.

Re:Disabling services

Oops, Sorry, 7 of them are automatically installed but I could only find 6 of them which i removed.
http://www.wilderssecurity.com/threads/list-of-windows-7-telemetry-updates-to-avoid.379151/

Re:Disabling services

Probably not bad to use linux now since for the past 2 month's my windows 7 performance has degraded so much even though no viruses or malware detected using multiple bootable iso anti-virus programs, including combofix.

Considering my Windows 10 system...

that I only use a few times a day for testing with Edge uses more bandwidth than the Windows 7 system I normally use, it is definitely sending a lot of information to Microsoft. Plus, the tiles on the start menu use a lot of bandwidth. I have a slow connection so there's usually a ten or more second pause after I click the start button before it is shown.

Re: Instead of blocking the updates with a firewal

Can it be removed? They have been putting out more and more 1-way updates.

BATCH SCRIPT REMOVE BAD WIN7 UPDATES

Put the following script in a *.bat file and run it with an elevated prompt.

Personally though (mixed Linux + Win7 user here) I no longer install any updates from Microsoft that aren't flagged "Security Update". Done. The added benefit of this, especially for many of my VM images, is that the winsxs folder does not balloon out of control. So it's a win-win as far as I can see. So far I haven't noticed anything missing from Win7 due to me not applying the updates. Can anyone point out something I may miss?

PS: This script is not mine, I got it from this thread here.

---
FUCK YOU SLASHDOT: Filter error: Please use fewer 'junk' characters. ....sorry all, can't post the script here. Folllow the link and take it from there. The guys on that thread have posted 2-3 iterations, I personally used their final version and it works very nicely, though based on my post above you can see for new installs I'm not installing *any* Win7 updates that aren't "Security" updates.

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

I'll just try it again without the rest of the post. Now I get "Your comment has too few characters per line (currently 38.5)." Again, fuck you Slashdot. Let's see if this line can fix it. Let's see if this line can fix it. Let's see if this line can fix it. Let's see if this line can fix it. Let's see if this line can fix it. That didn't work "Your comment violated the "postercomment" compression filter. Try less whitespace and/or less repetition.". Try again.

ECHO OFF
REM --- remember to invoke from ELEVATED command prompt!
REM --- or start the batch with context menu "run as admin".
SETLOCAL

REM --- (as of 2015-08-26):
REM KB3012973 - Upgrade to Windows 10 Pro
REM KB3021917 - Update to Windows 7 SP1 for performance improvements
REM KB3035583 - GWX Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
REM KB2952664 - Compatibility update for upgrading Windows 7
REM KB2976978 - Compatibility update for Windows 8.1 and Windows 8
REM KB3022345 - Telemetry [Replaced by KB3068708]
REM KB3068708 - Update for customer experience and diagnostic telemetry
REM KB2990214 - Update that enables you to upgrade from Windows 7 to a later version of Windows
REM KB3075249 - Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
REM KB3080149 - Update for customer experience and diagnostic telemetry
REM KB3044374 - W8,8.1 Nagware for W10
REM KB2977759 - W10 Diagnostics Compatibility Telemetry
REM KB3050265 - Windwos Update services update to upgrade to W10
REM KB3068707 - Customer experience telemetry point. W7,8,8.1

REM --- uninstall updates
echo uninstalling updates ...
start "title" /b /wait wusa.exe /kb:3012973 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3021917 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3035583 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:2952664 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:2976978 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3022345 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3068708 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:2990214 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3075249 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3080149 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:3044374 /uninstall /quiet /norestart
echo - done.
start "title" /b /wait wusa.exe /kb:2977759 /uninstall /quiet

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

Slashdot is now fucked. Just getting that posted was too much work. I can't be bothered any more guys, sorry, I'm taking my ball and going home...
--
Not APK.

" You must wait a little bit (4 minutes) before using this resource; please try again later."

LOL

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

[o_ferguson]

Seems a rather lengthy and convoluted batch file - just use this: http://pastebin.com/B3DjTSX1

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

[mythosaz]

Both scripts fail to make use of a simple FOR command.

FOR %A IN (list) DO command [ parameters ]

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

[sexconker]

Some people may copy and paste it in versus running it in a batch file. (And those people likely will not know when they need to change % to %%.)

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

Both scripts fail to make use of a simple FOR command.

FOR %A IN (list) DO command [ parameters ]

yet you fail to provide such a corrected script using said structure in your own fair hand...

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

It's also a completely pointless modification to the script.

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

[wootcat]

I did this just a few days ago (not the script, but removed all these KBs by hand).

While that's great and all, I'm not sure what to do moving forward. I'm certainly not believing Microsoft won't continue to try and insert these call-backs in future KBs and I'm not Windows-savvy enough to trust myself to identify future KBs that I would not want in my system.

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

[macs4all]

Can anyone point out something I may miss?

Only the fact that you are trusting Microsoft to accurately and truthfully denote when Updates are really Security-Related, and when they are not. And what happens when an Update has some Security components to it; but then there are "other" "Stability Improvements" (or whatever) that are actually Spyware? Kind of like how a Bill in Congress will "be for" giving poor schoolchildren free lunch over the Summer; but then there will be some innocent-looking "Amendment" to the Bill that does something like divert all your banking information to the IRS/NSA/CIA, etc...

Re:BATCH SCRIPT REMOVE BAD WIN7 UPDATES

https://github.com/WindowsLies/BlockWindows

http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/

there done for you.

Windows 10

[Fire_Wraith]

I really want to like Windows 10. It seems to have a lot of nice features, was a smooth upgrade from 7, and probably the single most painless OS upgrade I've had on any MS platform (I had to correct a single driver, for a minor issue, and that was it).

But I'm really, really sick of just how blatantly Microsoft is trying to jam every single stupid thing into this, and tie it back to their cloud based bit. And I might even be okay with some of that, because I'm well aware that I wind up giving a lot to Google when I'm using stuff on Android. I might even use some of it, if they weren't going far beyond even what Google does.

The final straw was when they wanted to essentially remove my local account on the machine and replace it with me using a Microsoft account for my local login. No, sorry, but Redmond can go get fucked if they want that. It's one thing to have stuff in a cloud based application that has its own password, but it's another thing for that cloud based password to be my entire system. Perhaps I'm being overly negative, but it's just too much, that they want all this personal data, and they want to tie it all not just to what I do in application land with Outlook/Bing/Edge/Cortana/Skype whatever, but down to the OS level? No. And if it gets worse, I may just have to bite the bullet and do my PC gaming on Linux, and give up on doing anything bleeding edge.

Re:Windows 10

"The final straw" .... You hit the final straw. And you haven't switched operating systems?
 
" And if it gets worse, I may just have to bite the bullet and do my PC gaming on Linux, and give up on doing anything bleeding edge."
 
So if that happens, will that be the "final straw" or the "extra final straw" or will it be the "final final straw" or the "I'm serious I really mean it this time --- no kidding --- final straw".

Re:Windows 10

The final straw was when they wanted to essentially remove my local account on the machine and replace it with me using a Microsoft account for my local login.

That's nothing new - it was introduced in Windows 8, and what you see in Windows 10 is the same as it was in 8.1 (during setup, you have to choose "Create a new Microsoft account", then "Use local account"; in Windows 8, you could just choose "Use local account" upfront).

Re:Windows 10

[ihtoit]

that's Software As A Service for you. Cloud-based login for a local account is just about the stupidest idea I have ever heard of. What if you don't have an internet connection (for example, if you're sitting in a roadside cafe)?

Windows 7 and no automatic updates for me, and I've just started ripping out the other CEIP crap, there's fuckin' loads of it.

Re:Windows 10

[vux984]

The final straw was when they wanted to essentially remove my local account on the machine and replace it with me using a Microsoft account for my local login.

Apple actually it too.

And in both cases, you can simply say No. It's not as obvious as it should be, but its also pretty trivial to say no, and since saying no, it hasn't bugged me about it again.

Perhaps I'm being overly negative, but it's just too much

I tend to think so too. But some people actually seem to like it.

I may just have to bite the bullet and do my PC gaming on Linux

Or you could just run a local account on your PC as you've always done. And not use Bing, edge, and outlook, and turn off Cortana.

Windows 10 is a product of the times, so anticipate stuff with cloud integration shit to be all over the place... everyone else is doing it. Apple. Google. even Canonical (Ubuntu)...

Re:Windows 10

You can use a local account until you needed the 8.1 update, which requires the store, which requires an account.

Re:Windows 10

If you're worried about privacy then don't use closed source software. You can't audit the source. You must assume the worse, and behave as if every bit is being sent off to a 3rd party and being scrutinized. Anything less is just plain foolish.

Do people still write off Richard Stallman? You know he predicted the internet of today, 2015. A creepily perfect blow-by-blow prediction of exactly what we face he wrote in 1997.. Only the date in his parable was 2047 not 2015.

The reality of consumer computing today is that it's a service. Plain an simple. Even "traditional" computers need updates, fixes, and all sorts of internet-tied data coming in and out. Services running on closed software owned by private companies mean they will see your data. End of story.

Personally, I don't give a flying fuck. All this telemetry does give Microsoft a lot of good information to help support their users. This is fan-fucking-tastic because this means Microsoft is actually listening. Not listening is what gave us Vista and Windows 8. For the average consumer the data privacy thing is pretty much pointless by now. They happily pour 1000x the information in to facebook and social media platforms for free. Telemetry makes my supporting end users a whole lot easier. (I submitted an issue with the win10 built-in feedback system and holy fuck MS is going to fix it. It's an obscure issue with a particular font, and the part of windows where you manage built in features. They've acknowledged it sucks and are going to fix it. Mind fucking blown)

Its now just a game of trust. Pick a provider and trust them or you don't get your shiny easy internet toys.

If you care, go download FreeBSD, Slackware, Debian, Ubuntu, or whatever they hell you'd like.

Re:Windows 10

[exomondo]

"The final straw" .... You hit the final straw. And you haven't switched operating systems?

No it was the final straw before he pseudonymously posted a strongly-worded opinion in a comment on a story on a website.

Re:Windows 10

Do people still write off Richard Stallman? You know he predicted the internet of today, 2015. A creepily perfect blow-by-blow prediction of exactly what we face he wrote in 1997.. Only the date in his parable was 2047 not 2015.

And what is the actual effect? I mean people have been saying there are backdoors in Windows for 20 years and that Microsoft can see inside your PC and get your data, etc, etc. So what has this resulted in? For all the telemetry data (if you have opted in to CEIP and not disabled the services or blocked them with a firewall) that has apparently been sent what has been the big scary negative result?

Same goes for Apple and Google, for a technology site there sure are a lot of people very frightened of technology. Whenever some new technology comes along people here immediately come up with some conspiracy theory about how it can be abused but the fact remains that it never happens! For all the fear-mongering of Apple, Google and Microsoft what has been the result? None of this fear has been justified, ever. The only thing has come about is agencies like the NSA scraping the public net and in that case it doesn't matter if you were using Windows, OSX, Linux or BSD anyway.

Re:Windows 10

His predictions weren't necessarily gloom-and-doom but they were accurate. We /could/ be in a deep heap of shit with really bad privacy but we're currently not. For whatever reason it's being used to enable better user experiences and aggressive targeted advertising/market research/etc.

Re:Windows 10

[Fire_Wraith]

I can keep using a local account, I just have to disable all the stuff they keep trying to shove into it that wants to use it.

At this rate though, I expect they'll soon try to remove even that option for anything except corporate users.

Re:Windows 10

[Fire_Wraith]

It was the final straw with the cloud-based stuff they were trying to shoehorn in. I have it all disabled now, though as I noted in another post, I expect they'll try harder and harder to force that on everyone as time goes by.

Re:Windows 10

but the fact remains that it never happens

That you know of. When they come for you at 3AM, be sure to let us all know that they're taking you away while you're being dragged out of your house in the middle of the night. Maybe they'll give you a free call before they throw you in jail without a trial for months or years (or maybe they just Baker Act you, like Adrian Schoolcraft, the NYPD cop who dared to be straight). This is assuming they want you alive... you might just get shot (yet another "I thought he had a gun").

Really though, the fact is that the vast majority of people are fine upstanding citizens. Almost 50% of them even vote the right way. Chances are you've got nothing to fear at all, most certainly not an administration that has targeted political opponents in the past then tried its damnedest to cover it up (how many times does the coverup work?).

Re:Windows 10

I don't think that Windows 10 is a product of the times. Just like Android and iOS ripping anything they can from their users, they've created the times and are struggling to make us accept this.

Fuck 'em. Fuck 'em all.

Re:Windows 10

[Fire_Wraith]

I try to at least take it into consideration. I don't feel like I need complete privacy and anonymity, in part because I like some of the aspects of the connected and digital world.

That said, I try to at least be aware of some of the trade-offs, and who my information is going to (which sadly is a lot more effort than most people are interested in making). It comes down to who I'm willing to grant access to what information, to what degree - in part because of what they're likely to do with it, as well as what I feel like I get out of the service.

It's part of why I avoid using Facebook, because of their (nightmarish) track record and attitude towards things. On the other hand I use a number of services that are quite capable of tracking lots of things about me, and in some cases noticeably do - everyone from my cellphone provider, to Amazon when I browse or buy stuff, to Google when I search for something or use their map service, etc.

Why do I use those and not Facebook? Mostly because I'm of the opinion Facebook doesn't give a rat's ass who it sells stuff to, and wants to know every last thing about me and my personal life. If anything, they're more like an Intelligence Agency in their overwhelming and aggressive interest in my information. The others are at least more content with the stuff I give them. Amazon? Amazon can know what I buy and view from Amazon, in part because sometimes they'll later show me more stuff that I'm sometimes interested in. I'd be happier with the option to turn it off, maybe, but that's still a choice I can make between shopping there and not.

But there's a difference between having applications that I choose to use - such as Skype for instance - that links back into Microsoft's cloud, and having the very OS itself basically running in SaaS mode with a cloud based account. It's also not just about the privacy issues, but also the security issues that syncing my local password and my cloud password presents.

Re:Windows 10

[FlyHelicopters]

I really want to like Windows 10. It seems to have a lot of nice features, was a smooth upgrade from 7, and probably the single most painless OS upgrade I've had on any MS platform

Amen, it really has been painless. They put a lot of effort into making this super easy. So far I've upgraded more than a dozen machines, ranging from a Core2Quad from 2008 to a recent high end Haswell machine, down to an ultraportable that only came with 32GB of SSD storage and didn't have enough space to install, but it used a USB Flash stick and did it anyway.

No problems. None, zero, ziltch, everything worked perfectly at the first reboot, and that included 5 year old Windows 7 installs that had a million things on them.

Re:Windows 10

No, you do not have to choose "Create a new Microsoft account" unless you want to use the Store, OneDrive (SkyDrive back in the day). In order to use Skype you had to have a "Microsoft Account" too, just use that one to access the Store. Windows 8.1 update was downloaded from the Store so you had to use a Microsoft account.

I have three (3 for those who can not read) Windows 10 devices. I use a local login for all of them, I have no logins using my Microsoft account. I did not use my Microsoft account to upgrade/update from Windows 7 -> 8.x -> 10x other than using the Store to initiate the 8.0 -> 8.1 update. I have never used defaults when installing OS's of any shape or form. I do not use Facebook, Twitter or anything Google except the search engine.

You pussy's are plain ID10T's when it comes to Windows installations.

Re:Windows 10

[yuhong]

Actually, I think Win10 is better in that it makes the option to use a local account visible on the login screen.

Re:Windows 10

[LVSlushdat]

My "last straw" occurred around 2011. I'd just retired friom supporting Windows (and some Linux) for 24 years (1991-2010). After I retired, I used Windows 7 on my home machines for a bit, and finally I decided that there was nothing I do on the computer that requires Windows, so I killed the dualboot, and switched permanently to Linux, specifically Ubuntu.. Since I'm sort of the local neighborhood "tech support", I tried out Windows 10 in Virtualbox, just to familiarize myself with it for when I'm asked to help out a neighbor.. To put it bluntly, I'd NEVER run Windows10 on any of my machines, PERIOD.. And I'll recommend to anybody who asks, that IF they MUST use Windows 10, they need to, AT A BARE MINIMUM, turn off all the privacy-removal stuff and use a local account... Yeah, I know.. keeps you from using that over-rated Cortana crap... Whupteedoo... TL:DR: People who value what little privacy they have left should stay AWAY from Windows 10, Just one man's opinion........

Re:Windows 10

[thegarbz]

The final straw was when they wanted to essentially remove my local account on the machine and replace it with me using a Microsoft account for my local login.

The final straw was providing you something optional which you can change at any time?

Man you're easy to upset.

Re:Windows 10

Richard Stallman deserves to be written off. He eats shit from his feet. And he's fucking insane.

Re:Windows 10

[KGIII]

They're all going back to Windows within 6 months anyhow. This happens every time there's an upgrade to Windows. I've learned to just ignore it, mostly. I had an update today. I don't even remember what it was. I kind of doubt it broke anything or changed any of my settings.

Re:Windows 10

[mister_playboy]

Windows 7 and 8 are now just as intrusive as 10 so please make sure you include that information in your local tech support opinion.

We have to stay up to date if we are to advise others.

Re: Windows 10

[ZiggyM]

google does the exact same with their Chromebook login. Windows does let you use a regular username/password untied to the cloud. I did it first thing.

Re:Windows 10

You can still use a local account in Windows 10, it's just not as prominently featured during the setup process. It really does pay to read the options carefully while you're doing the setup instead of just clicking "defaults" or "next, next, next". As with most things in computing, diligence and patience gets you a better experience.

Re:Windows 10

That's unfortunate, since as you readily admit Windows 10 has much to offer. However, like most versions of Windows since XP the really good stuff is in the Group Policy settings and not necessarily exposed directly via the UI. Actually, this makes a lot of sense because cluttering the main settings and config menus with hundreds of very detailed settings, many of which require expertise and experience to understand, would be a disaster. For my own part, a careful config of the privacy settings during setup, followed up by some Group Policy settings and a few disabled services put my Windows 10 install right were I want it. Telemetry is off, the data collection service is disabled, Cortana is disabled, windows updates install only when I want them to and are not shared with other PCs either on the local network or the Internet, developer mode is enabled, autoplay is off on all devices, and my account is strictly local. No problemo.

Re:Windows 10

bollocks they try to hide even creating a local account.

Re:Windows 10

[drinkypoo]

Windows 7 and 8 are now just as intrusive as 10

Only if you don't RTFA (or some other source of info) and remove/block the updates.

Re:Windows 10

[iampiti]

Yep, I totally hate what they've done with Win 10 too. It's not that they offer you options for cloud synchronization and such is that they're pushing them hard by making them the default and in many cases, making the "classic" options hard to find (e.g.: creating a local account instead of using a Ms account for login when you install Win 10).
Also for many apps (mail, media player, browser) the default are the "modern"/metro touch-optimized apps, which I find horrible for desktop use because, among other things they have tons of wasted whitespace, and much fewer options than a normal desktop app.
Anyway, I wouldn't be opposed to all of this if it was optional and could be changed to old-style defaults with a click of a button, but no, Ms is too interested in making you think you must use your PC as if it was a cellphone and practiucally forcing you to use their online services.
All this crap is why Win 10 is "free".

Re:Windows 10

[antdude]

Since W7 is getting these phone homes, I don't think I want to use it. I noticed a lot of software, beside MS', wants to phone home or somewhere these days. :(

fix

[o_ferguson]

I've come up with a relatively simple solution. The text at the end of this post is a batch file. You can copy it from here, and paste it into notepad, and save it with any name you want, and the file extension .bat and then click on it to run it. It will look for each of the corrupted updates in order, and either tell you that they aren't installed, or give you the option of removing them. If you do choose to remove one or more of them, it will prompt you to reset your computer after each successful removal. Don't do this - choose the other option, to reset later, instead. Then, once the whole batch file has run, you can reset your computer to make all the changes take effect. Also note that the final line deals with an update to Skype and may affect Skype functionality. If this matters to you, simply don't include that line in your batch file. Batchfile contents begin on the line below. EDIT: Slashdot won't let me post the batch file text here ("too much repetition") so you can find it at pastebin here: http://pastebin.com/B3DjTSX1

Re:fix

[mythosaz]

It wouldn't be too much repetition if you considered using the FOR command...

FOR %A IN (list) DO command [ parameters ]

Re:fix

[ThePhilips]

Nah. It's faster to simply :%s!^!wusa /uninstall /kb:!

No, that guy killed DoNotTrack dead. DNT for Beta

[raymorris]

No, the guys who wanted more tracking took that guy out for a beer. That's the guy who killed off DoNotTrack. Like Private Browsing in Firefox or Incognito Mode in Chrome, DNT was about the balance between privacy on one hand and convenience/features on the other hand. DNT was supposed to mean that the user valued privacy more than convenience and features at the moment. Here's what was supposed to happen, what DNT was intended for:

Case 1, no DNT header:
I go to Slashdot, and have not set a specific DNT header. I therefore get the DEFAULT tracking/personalization behaviors of Slashdot, including:
        I'm not redirected to Beta, because Slashdot tracks that I set "do not showme beta".
        On my mobile device, I'm not redirected to m.slashdot.org, because again Slashdot tracks my preferences based on some identifier/cookie.

Case2, with DNT header:
I launch a Private Browsing window in Firefox, or an Incognito tab in Chrome.
The browser prompts "DNT: Do you want to tell web sites to avoid identifying you or tracking your preferences? Some features and preferences may not work in DNT mode."
I click "yes, send the DNT header".
Slashdot sees that I have expressed that I want a higher level of privacy than the default, that I am willing to give up personalization in exchange for privacy.
Slashdot does not set a cookie, and I get redirected to m.slashdot.org or beta.slashdot.org each time. It does not track me to know my preferences between sessions.

It's all about the balance between privacy and convenience. Much like Incognito / Private Browsing mode disables the browser history, autocomplete, and other useful features in exchange for better privacy.

In short, the purpose of DNT was to communicate the user's desire to value privacy over convenience.

By violating the spec and sending DNT as the DEFAULT, the DNT header in IE suddenly meant "the user probably wants the DEFAULT balance between privacy and convenience". Since IE sent DNT by default, it no longer provided any information about the user's priorities regarding convenience vs privacy. It therefore became completely useless for it's purpose. That guy killed DNT.

-----

Here's a concrete example. Quoting from the DNT policy:

| all user identifiers, such as unique or nearly unique
| cookies, "supercookies" and fingerprints are discarded

Do you really think that all sites are going to get rid of cookies, including "don't show me Beta" cookies, for anyone and everyone using IE? Just because Microsoft thought it was a good idea? No friggin way. If the USER chose to actively ticked the box, perhaps so. Because Microsoft's marketing team thought that "Do Not Track" sounded good and that breaking most web sites was an acceptable side effect? I don't think so.

No, Thank You, Microsoft

No way will I install a Microsoft product on any computer under my control. Even at work, I push and recommend Linux and Mac (still a privacy nightmare itself).

Why do people think they need to know everything about you? I cannot even shop without being asked for an email address, even at pizza places. Data collection has gotten out of hand.

For the moment, I'm using Linux at home, but only because FreeBSD runs like crap on my current laptop. When it gets replaced, it's being replaced by one know to work well with BSD. Even Linux has gone downhill what with systemd. I'll end up an aging unix hippy with a text browser.

Re: Instead of blocking the updates with a firewal

[o_ferguson]

Yes it can - I have posted a simple batch file fix in a comment further down the page.

suggestion to make slashdot useful again

[ihtoit]

Would the editors consider adding a section for analysis of Windows updates so we can read then decide if we want them instead of having to go on click marathons through the desktop client? Even some sort of Patch Tuesday digest just indicating which of the updates are actual security patches would do it.

Re:suggestion to make slashdot useful again

[Zocalo]

The Internet Storm Centre (part of SANS) posts one of these fairly shortly after MS releases the patches. Here's their post for the August patch batch to give you an idea - they don't cover the optional updates at all though.

Re:suggestion to make slashdot useful again

[ihtoit]

mod parent up - I don't install any of the optionals anyway. Thanks for that :)

Re:suggestion to make slashdot useful again

[AmiMoJo]

This was one of the most asked for features in the Windows 10 feedback app, but it was rejected.

Re:No, that guy killed DoNotTrack dead. DNT for Be

[exomondo]

Do you really think that all sites are going to get rid of cookies, including "don't show me Beta" cookies, for anyone and everyone using IE? Just because Microsoft thought it was a good idea? No friggin way. If the USER chose to actively ticked the box, perhaps so. Because Microsoft's marketing team thought that "Do Not Track" sounded good and that breaking most web sites was an acceptable side effect? I don't think so.

So you're saying privacy should be opt-out rather than opt-in.

Re:No, that guy killed DoNotTrack dead. DNT for Be

[bondsbw]

Yet in the same comment, he's saying that making it opt-out is the reason it died.

Re: Instead of blocking the updates with a firewal

[Cramer]

Right. So next week there's a new "critical security update" that installs the same (slightly tweaked) crap.

You can only skin the sheep once

[Iamthecheese]

The funny thing about this is until this I was willing to send telemetry to Microsoft. I understand how them knowing when my system crashes helps them fix bugs. I understand the wealth of good-for-everyone knowledge that comes with reports of which precise system file had a problem performing what kind of information. I would block crash reports sometimes, and I would allow other basic telemetry most of the time.

But due to their new privacy policy and other privacy rapine I've blocked every form of telemetry on my machine. They no longer get to hear a damn thing. Surely this was predictable. And how many regular and corporate sales has Microsoft lost already over this? Everyone knows to ask their local nerd what OS and other software to use. Stupid, stupid, stupid.

Re:You can only skin the sheep once

You are naive. They write your OS, all of it. If they want to spy on you they will. Short of permanently disconnecting your device from the net, there's absolutely no way you can prevent this. You can"t permanently monitor all the outgoing tcp/ip connections and magically pinpoint and block the servers that may belong to microsoft. If they want to track you, they won't use DNS names like "spyserver.microsoft.com".

Re:You can only skin the sheep once

[yuhong]

What is actually wrong with the privacy policy that led you to disable it?

Re:You can only skin the sheep once

[LVSlushdat]

In my neighborhood, I am said "local nerd", and my advice to ANYone who asks, is "If you're on XP, we need to see if your system's use case allows you to use this thing called Linux.. If you're on Windows 7 or 8, STAY where you are... If you bought a new machine with 10, may God bless your soul.. We need to see if your machine's use case allows wiping that nightmare and installing Linux..." These words (or ones like them) have been spoken several times lately.. Especially regarding the poor sap who just bought a new system at WorstBuy and it came with 10... I castrated it as best as I could, but told the user to pray..

Re:No, that guy killed DoNotTrack dead. DNT for Be

[exomondo]

Yet in the same comment, he's saying that making it opt-out is the reason it died.

So we can't privacy by default. You should have no privacy unless you opt-in to having it.

Cloud logins

[JBMcB]

Cloud login sync between my 8.1 family PC and 8.1 tablet = kinda cool - the kid's pictures and game saves just pop up between the two.

Cloud sync between my 8.1 family PC and 8.1 development box = completely pointless - these are two different machines, I don't want family junk on my dev box or makefiles all over my family machine.

OMG!

[viperidaenz]

People who opted in to the Customer Experience Improvement Program are getting updates that send customer experience telemetry data.

What an outrage.

Re:OMG!

[Heir+Of+The+Mess]

A good software developer should add logging of errors, unexpected values, and operations that take longer to complete than expected, and there should be a user option to have these logs sent back to the developer. So ok that seems to be what's happening here. As this is an OS it's probably also sniffing for malware like behaviour.

Being Slashdot I guess the unspoken worry is that MS are recording videos of slashdotters watching porn and the developers are having a good laugh. However I doubt that is happening.

Re:OMG!

People who opted OUT are getting the same updates.

Re:OMG!

[yuhong]

But this don't mean the data is getting actually sent.

Re:OMG!

[KGIII]

I don't really use Windows much and haven't for a while but, and this is just an idea, maybe if they did - you know - actually opt in then they'd get the patches applicable to their unique user machine instead of generic patches or the same patches that everyone gets? I have no idea how this works, I really don't. I used to be a pretty avid user but I got bored.

Re:OMG!

[Octorian]

Yeah, when anyone else does it, this is the normal way software is maintained and supported in the modern connected world.
But when Microsoft does it, we scream bloody murder!

So many things these days seem to have these sorts of double-standards.

Sigh

[Trogre]

Why, again, do people still use Windows?

Re:Sigh

[exomondo]

Why, again, do people still use Windows?

Because it runs the programs they need to run and works with the devices they use. That is the primary purpose of an operating system, nobody turns on their computer just to use the operating system.

Re:Sigh

nobody turns on their computer just to use the operating system.

Well, some Linux nerds probably do but that's effectively the same as nobody.

Re:Sigh

[qaz123]

Because there's no real alternative

Re:Sigh

Because it's better. Apple? Overprices toys for hipsters since the Apple II. Linux? What a joke.

Re:Sigh

> Because it runs the programs they need to run and works with the devices they use

Yeah, and you can say this of any operating system.

Answer 2:

- Because it's pre-installed and most of people use what you give them.
- Because they have been taught to it from school, and are use to the software on this platform.

Re:Sigh

[macs4all]

Why, again, do people still use Windows?

Primarily because the IT community keeps on sucking Bill Gates' cock, because "Nobody ever got fired for spec-ing Windows" and because "It is Job Security" (can't tell you how many SysAdmins have told me that).

But the real reason people still use Windows is that their fucking work uses, or worse yet, depends on Windows.

Period.

Re:Sigh

[exomondo]

> Because it runs the programs they need to run and works with the devices they use

Yeah, and you can say this of any operating system.

Right and people use Windows because that is the OS with all the desktop applications and device support. Just like they use iOS and Android over webOS or Maemo or FFOS on mobiles.

- Because it's pre-installed and most of people use what you give them.

Then the answer is to work with OEMs to provide Linux pre-installed, otherwise you're just flogging a dead horse.

- Because they have been taught to it from school, and are use to the software on this platform.

Nope, plenty of people do their personal computing on systems other than Windows nowadays because they adapt and even the Windows of 10 years ago is drastically different from the Windows of today.

Re:Sigh

[thegarbz]

Yeah, and you can say this of any operating system.

You most definitely can't. Linux support for Windows software is a convoluted pain in the arse which may work depending on the odd version of a program you are using. Likewise Linux support for anything more complicated than a mouse and a keyboard on a computer is abysmal.

Re:Sigh

[Trogre]

You're joking right?

Perhaps you're confused with the bitching that goes on here with various components of common Linux distributions, such as KDE, GNOME and Systemd. You must understand that these complaints are all comparing to states within the Linux ecosystem and not relevant to other operating systems. Even the parts of Linux that we like to complain about are still light years ahead of anything that's come from Microsoft or Apple.

Re:Sigh

[jp10558]

I know I'm strange, but I find software somewhat frequently that just works on linux but has no Windows version, or requires me figuring out how to add perl, python, insert scripting layer that isn't there first, and then translate unix style conf file to something that works on Windows.

Plenty of complicated stuff beyond a keyboard and mouse is done on Linux computers, it's just not home stuff. Almost all our scientific hardware and radiation control systems and the like run linux. We've had people re-write their own drivers for some hardware on Linux because trying to get EPICS to work on Windows is seen as far harder, and mostly a waste of time for one hardware device out of thousands.

Re:Sigh

[jp10558]

To take this to a bit of an absurd hyperbole, that's like Old Dixie plantation owners saying that there's no real alternative to slavery to harvest cotton.

If you care about your control of the computers you own, or privacy, or freedom, or community, or pick your reason, there are real alternatives. You just have to care about one or all of the above more than convenience.

Sadly, our culture generally fails to sacrifice anything anymore for any of our ideals beyond bread and circuses. We don't stand up for the public domain, we pirate or pay. We couldn't just do without that entertainment. We don't make political sacrifices, or work for campaigns we believe in to help third parties, we barely manage to vote for one of the 2 parties that are the problem.

So yes, if you can't put forth any effort at all, there's no alternative. But realize that you're saying the digital equivalent of there's no alternative to being fat and eating fast food. Because any of the alternatives take work and may be unpleasant in any of a number of ways. But Slashdot rightly ridicules that delusion while perpetuating that everyone has to use Windows and take whatever Microsoft gives them.

Re:Sigh

[thegarbz]

Indeed, which is precisely why I have both operating systems, and both capable of VMing the other. My point was that OSes are not interchangeable and a lot of us are well and truly tied to them.

What it IS, not SHOULD be. I prefer both

[raymorris]

I didn't say anything about my opinion of what SHOULD be. I described what the DNT spec does actually say. It says the header means that user actively chose to give up convenience and features , choosing more privacy instead. That's the meaning of the DNT header, per the DNT spec. I didn't write the spec, I just read it.

As written, DNT is well matched with Private Browsing mode. Sometimes I use Private Browsing. Most of the time I don't use it, because I LIKE auto complete. But I don't like my address bar to autocomplete xvideos.com during a presentation at work. So I use private mode for xvideos.com, I don't use it for Slashdot.

If I were writing the standard, I might have three choices:

More private, less convenient ( don't remember any preferences)
Default (features based on anonymous cookies, opaque IDs)
More convenient ("keep me logged in")

Re:What it IS, not SHOULD be. I prefer both

[exomondo]

The fact that you have to explicitly say you want privacy makes it a bad spec to begin with, just like having to explicitly say you dont want to participate in Windows' CEIP rather than it being something you opt-in to is bad for privacy (even though in that case it's just telemetry data).

How do I avoid being infected on 8.1?

[DNS-and-BIND]

From what I've read, all of these infected updates are optional, so you have to deliberately install them. Is this true? If not, how do I detect if I've been infected? Someone up the thread posted a link to a github with a batch script you have to run as administrator, that's not really what I'm talking about. I just want to detect.

Re:How do I avoid being infected on 8.1?

Hopefully (I don't know), Windows 8 will list the updates by KB number like in the summary. In Windows 7, you'd go into the Windows Update section of Control Panel, click the "View update history" link, and go from there. The "Installed Updates" link is helpful, too.

In Windows 8.1, I suppose you'd do some swipey-swipey move on the right side of the screen, then pray to God that the Control Panel item leads you to the right place.

Re:How do I avoid being infected on 8.1?

Your best option: https://www.debian.org/

Re:How do I avoid being infected on 8.1?

If only there was some website, where MY problems with DIGITAL devices were listed and fixed. If only someone with no LIFE would put out the INFO needed.

If only the boldcase words above could be put together to form a magic URL, where all of the problems with Microsoft software could be solved. That'll be a great day if someone does it. Then there will a a script there.

1st rule: Do not talk about the fight club.

If you've already installed Windows 10, it seems there's a way to get it to stop broadcasting telemetry (even when disabled), produced by those good folks at O&O Software GmbH called Shut Up Windows 10 [no ref links here]. Perhaps they can make it work with Windows 7 & 8 as well? O&O is not a new game in town, they also make a nice Defrag tool as well. They've been around since at least 2000, when I first heard of them on IRC.

Re:How do I avoid being infected on 8.1?

[LVSlushdat]

With a product like that (bless their hearts!!) I wonder just how long they'll continue to be a "Microsoft Partner".......

Re:How do I avoid being infected on 8.1?

[wootcat]

I followed the instructions here...

https://www.hackread.com/microsoft-updates-spy-on-windows7-8-users/

It details how to see if you have those KBs installed and if so, how to remove them.

I don't entirely disagree

[raymorris]

I don't entirely disagree with you. However, consider this. You not only got on the web, you also LOGGED IN and posted your private opinions publicly. For whatever reason, you just chose to make your private thoughts public, and chose to have Slashdot track your /. user id. That shows that SOMETIMES, you want Slashdot to identify you. Sometimes, privacy is not the most important thing to you.

If you're like me, you clicked the "don't redirect me to beta" button. You're probably glad that Slashdot remebers that preference, so you don't have to click "no beta" every time you visit the site. In over words, you WANT Slashdot to recognize you and track your preferences.

Privacy isn't a yes or no thing, and it's not without it's costs. The question is, "how much convenience do you want to give up, right now, to get how much privacy?"

For most of us, e answer changes throughout the day. If I was on Ashley Madison, I"d want that to be very private. On the other hand, I want my Google maps to be very convenient. I'd rather it remember frequently used addresses rather than make me type em in every time.

Re:I don't entirely disagree

[exomondo]

I don't entirely disagree with you. However, consider this. You not only got on the web, you also LOGGED IN and posted your private opinions publicly. For whatever reason, you just chose to make your private thoughts public, and chose to have Slashdot track your /. user id. That shows that SOMETIMES, you want Slashdot to identify you. Sometimes, privacy is not the most important thing to you.

Right, and I prefer to choose when that is, not have that as the default.

On the other hand, I want my Google maps to be very convenient. I'd rather it remember frequently used addresses rather than make me type em in every time.

Yes and you should opt in to that.

Re:I don't entirely disagree

[EndlessNameless]

Social sites need to know your identity in order to show any content, most sites offering customization that users typically end up using, and many sites have forums and other interactive content.

The default should give most people what they need. Savvy users will allow tracking on some sites and not others---which requires manual configuration regardless of the defaults. So the default DNT setting effectively decides whether configuration is required by all users or some smaller subset of users.

With DNT disabled by default, a sizable majority of people will not need to reconfigure the product. Isn't that one of the primary reasons for making an option the default? Especially if a product is intended to be user-friendly.

While having DNT disabled by default is certainly not the most privacy-conscious option, it is the correct choice for mainstream browsers.

Re:I don't entirely disagree

[exomondo]

Social sites need to know your identity in order to show any content, most sites offering customization that users typically end up using, and many sites have forums and other interactive content.

Right, in that case I will grant them that but not just every site by default. If they need it they can ask for it and I will make that decision.

Re:No, that guy killed DoNotTrack dead. DNT for Be

[bondsbw]

No, I agree with your original statement. I was just pointing out the contradiction in the post by raymorris. (And to be clear, it's not a contradiction in logic but a contradiction between ideal and reality.)

fuck microsoft

fuck microsoft

HOSTS file to the rescue!

[CxDoo]

Aw man apk will jizzgazm all over this thread. The time has finally come!

Re:HOSTS file to the rescue!

So you were in jail from 2010 to 2012 (from your post history).

Re:HOSTS file to the rescue!

[CxDoo]

Might be but that's a non sequitur, you know that?

Trust on system updates broken

[naranek]

The thing that worries me it that there are now dozens of articles about which updates to remove to disable telemetry or the Windows 10 update nagbox. We've been saying that installing security updates is fundamental to keeping your computer secure. This goes against that. Do we really want to teach people to uninstall random updates based on shady blog articles?

Earlier I had all automatic update checkboxes checked, because I trusted that security updates are just that - security updates. From now on I'll be checking all the updates manually before installing, and I really hate to have to do that.

And before anybody recommends switch to Linux, I already use Linux as my main OS.

Re:Trust on system updates broken

[thegarbz]

It's taken you until now to realise that?

Now when Microsoft rolled out "critical security updates" that did nothing more than disable people's wallpaper and bring up a popup about some genuine advantage thing? Not when Microsoft rolled out another security update that put a the nag button to install Windows 10 on the taskbar?

Microsoft's security updates seems to be about something other than security a significant portion of the time.

Re:Trust on system updates broken

[jp10558]

I'd suggest just having an image or deepfreeze or snapshot if a VM, save files somewhere else, and turn off all updates. Run a Firewall and HIPS, and reset to the initial image or system state every day or week or month to clean out any badness...

I mean, if you're only using it occasionally, treat it like a liveOS you boot up for the hour or two you need it, and then turn it off again and discard any changes. Don't allow it direct access to any real datastores and who cares if you get a virus for a couple minutes that you then wipe away?

Re:Trust on system updates broken

[Agripa]

The thing that worries me it that there are now dozens of articles about which updates to remove to disable telemetry or the Windows 10 update nagbox. We've been saying that installing security updates is fundamental to keeping your computer secure. This goes against that. Do we really want to teach people to uninstall random updates based on shady blog articles?

Earlier I had all automatic update checkboxes checked, because I trusted that security updates are just that - security updates. From now on I'll be checking all the updates manually before installing, and I really hate to have to do that.

The real question is did MIcrosoft want to teach that because they have.

Re:No, that guy killed DoNotTrack dead. DNT for Be

[AmiMoJo]

There is no reason why in your example Slashdot could not remember your preferences without tracking you. A simple anonymous cookie with no unique ID for beta/no beta and mobile/desktop is all that is required.

Even logging in is possible without violating DNT. Just discard any tracking data not essential for the provision of logged in services. DNT doesn't mean "do not set cookies", it means "don't track my browsing habits for any reason other than the provision of the services I ask for (e.g. advertising)."

Now I'm Confused

Does turning off or on the automatic updates keeps my system secure?

Re:Windows 10 (and 7/8 also)

[LVSlushdat]

yes.. I am discovering that now, in the future, I'll be warning everybody about 7 AND 8... Of course, I'll also be using one or more of these lists of "updates" to REMOVE this crap from Win7/8 when we do our "Windows Janitorial Service"..... Jesus Christ, I'm beside myself with glee that I moved my families computers off MS products in 2011.....

Why not just deploy to those participating in CEIP

[ausrob]

Unless there's a sinister plan to expand the use of telemetry in the future, why would these updates even be deployed to users who aren't already participating in the Customer Experience Improvement Program?

MS made it so hosts blocks won't work

THIS however, works (unfortunately it sets you to IE8 again (but not IF you don't want it to regarding KB2670838):

IMPORTANT ONE IS GROUP POLICY (gpedit.msc):

Go to Computer Configuration, Administrative Templates, System
Internet Communication Management, Internet Communication Settings

ENABLE (to turn it on, it is a disabler)

"Turn off Windows Customer Experience Improvement Program"

---

TO REMOVE THE BOGUS OPTIONAL TELEMETRY HOTFIXES MANUALLY:

Open command prompt
Type powershell
issue these commands

---

TO SEE WHAT ONES ARE INSTALLED:

get-hotfix -id KB3035583, KB2952664,KB2976978,KB3021917,KB3044374,KB2990214

---

TO UNINSTALL THEM (these for sure, per url next below):

wusa /uninstall /kb:3035583
wusa /uninstall /kb:2952664
wusa /uninstall /kb:2976978
wusa /uninstall /kb:3021917
wusa /uninstall /kb:3044374
wusa /uninstall /kb:2990214

per http://www.ghacks.net/2015/04/...

---

DESCRIPTIONS OF EACH (these uninstalled properly):

KB3022345 (Telemetry)
KB2977759 (Windows 10 Upgrade preparation)
KB3021917 (Windows 10 Upgrade preparatioon + Telemetry)
KB3035583 (Windows 10 upgrade preparation)
KB3068708 (Telemetry)
KB3075249 (Telemetry)
KB3080149 (Telemetry)

---

I GOT "NOT INSTALLED ON THIS COMPUTER" ON THESE INITIALLY SINCE I HAD IE11 installed (PROBABLY ONES FOR IE9/10/11):

KB3075249
KB3080149
KB2505438
* KB2670838 (See IE 9/10/11 notes below)
KB3044374
KB2990214 (Windows 10 Upgrade preparation)
KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
KB2976978 (Windows 10 Upgrade preparation)

---

I GOT "NOT INSTALLED ON THIS COMPUTER" ON THESE (*PRIOR* TO PULLING KB2670838 which is IE 11):

* KB2670838 (This update often breaks AERO on Windows 7 and makes some fonts on websites fuzzy. A Windows 7 specific update only
                        (do not install IE10 or 11 otherwise it will be bundled with them, IE9 is the max version you should install to avoid this).

THESE RE-APPEAR AFTER UNINSTALLING IE11 RIGHT ON RESTARTING & CHECKING WINDOWS UPDATE:

* KB2952664 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
* KB3021917 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
* KB3068708 (Windows 10 Upgrade preparation prior to IE9/10/11 install)
* KB3092627 (Windows 10 Upgrade preparation prior to IE9/10/11 install)

---

run cmd as administrator

sc stop Diagtrack
sc delete Diagtrack

---

*Task Scheduler Library:

Everything under "Application Experience"
Everything under "Autochk"
Everything under "Customer Experience Improvement Program"
Under "Disk Diagnostic" only the "Microsoft-Windows-DiskDiagnosticDataCollector"
Under "Maintenance" "WinSAT"
"Media Center" and click the "status" column, then select all non-disabled entries and disable them.

*services.msc:

"Remote Registry" to "Disabled" instead of "Manual".

APK

P.S.=> And, "there ya go", for stopping Windows 7/8/VISTA/10 telemetry tracking, in a nutshell... apk

read the RFC

[raymorris]

If you're interested, you can read the actual DNT RFC rather than guessing about what it says.

There's nothing in the spec about "reason other than the provision of the services". There is one mention of advertising- tracking is ALLOWED under an exemption for advertising fraud detection. So almost the opposite of what you guessed it says.